A malicious action such as stealing confidential information that is perpetrated against a user who is browsing a website. The user is "hijacked" by "clicking" a link on a contaminated Web page that executes the malware. The buttons may appear legitimate, but users are actually clicking buttons on a transparent layer they cannot see. The buttons can cause anything to happen, including making a purchase. Likejacking and Sharejacking Numerous clickjacking scams have been perpetrated on Facebook. For example, Facebook Like and Share buttons have been hidden under other buttons so that, when clicked, users would voice their preference for something or share something with their friends unknowingly in order to generate viral marketing for a product or to propagate malware. See CSRF and hijacking.